ShinyHunters Exploit Oracle PeopleSoft Zero-Day to Hit 100+ Organizations
Tags Enterprise · Infrastructure
The ShinyHunters hacking group has compromised more than 100 organizations by actively exploiting a critical zero-day vulnerability in Oracle PeopleSoft (CVE-2026-35273), TechInsider reported June 26. Oracle issued an out-of-band security alert for the PeopleTools vulnerability, which is being exploited in data theft campaigns targeting enterprise ERP systems. The zero-day allows unauthenticated attackers to extract sensitive data and deploy ransomware. Oracle confirmed patches are available and urged immediate application.
Technical significance
The 100+ org compromise count makes this one of the most widespread ERP-targeted campaigns in recent years. For CISOs running PeopleSoft, the out-of-band patch and the active exploitation status mean this requires emergency change management. The incident also highlights the risk of legacy enterprise software remaining unpatched against zero-days for extended periods.